Privacy Notice information in accordance with section 5 of the Telemedia Act (TMG, Germany):
BeamReach Inclusion Ringstr 5, Ahrensfelde OT Lindenberg, 16356, Brandenburg, Germany

Represented by:
Olla Jongerius, Managing Partner

Internet address:

Register entry
VAT ID according to § 27a UStG: DE315763799
Person responsible for content in accordance with 55 Abs. 2 RStV (Germany):  
Olla Jongerius

Privacy Policy

Privacy PolicyP
This version is valid from: [30.12.2022]

When does this Privacy Notice apply?
This Privacy Notice describes how we, as a controller, collect, use and share your personal data. It applies to personal data you voluntarily provide to BeamReach Inclusion, or is automatically collected by BeamReach Inclusion. 

Who we are
The company operating, its associated websites and social media accounts is Olla Jongerius , Ringstr 5, Ahrensfelde OT Lindenberg, 16356, Germany ] (“[name]”, “we”, “us”, “our”). Any data protection related questions you might have about how we handle your personal data or if you wish to exercise your data subject rights, please contact us by post or at

What data we collect and for what purpose 
BeamReach Inclusion collects data voluntarily provided to BeamReach Inclusion by clients, website visitors and candidates applying for open job positions. Beam Reach Inclusion processes Personal Data as described below:

1. Website hosting
BeamReach Inclusion makes its website available through Webflow, Inc., 398 11th Street, 2nd Floor, San Francisco, CA 94103, USA and has executed standard contractual clauses with WebFlow to safeguard your data that is transferred to WebFlow for this. BeamReach Inclusion collects anonymous statistical data about the use of its website to optimise its online presence and for marketing and sales purposes. No cookies are being stored on your device, and only the first 2 bytes of your IP address are being stored (e.g. 200.100.x.x). The data is collected on servers operated by BeamReach Inclusion in the European Union. This data is not governed by the GDPR as it is anonymous. You may further opt-out of tracking by enabling the Do-Not-Track option in your browser. Visit to learn how.

2. Information provided by you through web forms, through voice conversations such as phone, videoconferencing and during in-person meetings.
Through web forms on our contact page and on in-page ‘call to action’ forms, we collect your company name, first name, last name, email address and phone number. We process this information for the purpose of the performance of a contract, or in the preparatory stage of entering into a contract as laid out in Art 6(1)(b) of the GDPR. As you actively request us to contact you for more information about our products and services, we will need to record this data to be able to effectively communicate with you for this purpose. This information is submitted to a server operated by [name], from which it will be deleted 25 months after the last contact we had with you, unless you become a client and we will need to retain your information for other reasons. This information is not shared outside of our organization, and is stored on servers within the European Union.

3. Engage our services
BeamReach Inclusion may collect personal information provided by the clients for the purposes of the performance of a contract, Art 6(1)(b) GDPR. The information we may collect is first name, last name, company name, email address, phone number, picture, position and role and invoicing information such as bank details and VAT number. We also process the feedback you give to help us assess the quality of our service provision and guide our decision making (quality management). We carry out this processing in our legitimate interests as per Art 6(1)(f) GDPR.We store this information for two years after the end of our DPO and consulting contract.

 4. Keeping you informed about privacy and GDPR.
When filling out a webform or through other methods and communication you also have the choice to sign up for our marketing communication by selecting the appropriate, optional tick box for this purpose. We only add you to our mailing list once you have passed the double-opt in. The processing of your name and email for this particular purpose are based on your consent Art 6(1)(a) GDPR, which you can revoke at any time. We will continue to process your personal data for this purpose until you revoke this consent by either clicking the ‘unsubscribe’ button, or contact us by post or at to revoke your consent  or request we unsubscribe you. However, should another legal base exist for us to process your data, (as outlined above under 2. or 3. for example, should we require your email address in the scope of contract negotiation), we will continue to process your personal data for those purposes.

5. Server administration
Your IP address and your page requests are stored in log files for a duration of maximum 14 days on our servers for the reason of preventing fraud, abuse, and security incidents, as well as monitoring the performance of our servers. After 14 days, these log files will be automatically deleted. We carry out this processing and data retention in our legitimate interest as laid out in Art 6(1)(f) for the GDPR. 

6. Internal communication required to deliver services
Internally, we use Google Workspace for our email service, calendar and internal document management. We also use it to communicate and provide our services to our clients, we then collect the client’s name, title and email address. The data collected in the scope of this communication is legitimised under performance of a contract as laid out under Art (6)(1)(b) of the GDPR. Data processed on GSuite is deleted within 25 months after the end of our engagement with you.More information around data transfers out of the EEA or to non adequate countries can be found below in the section Security and International Data Transfers.

7. Collection of statistical information through surveys
From time to time, we carry out surveys and questionnaires among specific or broad groups of companies which help us better understand the market, the compliance situation of our target industries and their specific concerns. The data collected in these surveys may contain personal or pseudonymous elements which ensure de-duplication and prevent skewed results. This processing is carried under legitimate interest, as laid out in Art 6(1)(f) of the GDPR. We however separate and where possible remove personal elements from these data sets at the earliest convenience and only do our analysis and reporting on anonymized data sets. We never use such results to target you for sales or marketing reasons and do not share these details outside of our organization. We only use the anonymized data sets to derive aggregate insights from anonymous reports. If you elect to leave your contact details in such surveys we will only use them for the specifically-indicated purpose. Any personal data purposefully given is considered consent as in Art 6(1)(a) of the GDPR and can be revoked at any time by contacting us.

8. Application for a job or internship
During our recruitment process, we collect personal data of active or potential candidates for our vacancies. The recruitment process might take two different forms: 

Talent Scouting 
We collect personal data in our process of scouting for potential candidates through public professional social networking sites such as LinkedIn. We will either carry out this process ourselves or engage with third-party headhunters to seek out potential candidates. This process serves the purpose of finding potential candidates that might have an interest in working with us based on their education, work experience and skill set. We collect the following information: first and last name, link to social networking profile, work and academic history, language proficiency, and location. We handle this information on the basis of pursuing our legitimate interest to find potential candidates and reach out to them, as laid out in Art.6(1)(f) GDPR and §4(1)(f) of the BDSG. We store this information for up to one month. Within this time, we either contact and inform any potential candidate whom we might be interested in interviewing, as required by Article 14(3)(a) GDPR and §33 of the BDSG, or immediately erase the information of potential candidates that we determine do not meet our criteria,Upon contact, the candidate can object to the processing of data whereby we delete their data on the spot. As all records, including your communication are deleted, please consider the possibility that you might accidentally be contacted again in the future.  Should a potential candidate be interested in proceeding with our interview and/or assessment process, this then triggers the Active Applicant process described below. 

Active applicants 
We collect the data of the applicants who actively apply to the vacancies we advertise via email and professional social networking sites such as LinkedIn. This process serves the purpose of selecting the applicants that are most suitable for the vacancy based on education, work experience and skill set. The application is submitted by emailing us. Occasionally, and depending on the recruitment stage, we request and collect additional information. The information collected includes: first and last name, email address, phone number, home address, date of birth, profile picture, work and academic related information contained in CV and cover letters, and when applicable, references and academic records or transcripts. The legal basis for this is the performance of a contract as laid out in Art.6(1)(b) GDPR and §26(1) of the German Federal Data Protection Act, the BDSG. Should we decide to reject your application, or you revoke your interest to continue the process, we store your personal data for 6 months from the date of rejection, based on our legitimate interest to defend ourselves against legal claims, as per Art. 6(1)(f) of the GDPR and §4(1)(f) of the BDSG.
Ensuring compliance
BeamReach Inclusion is under obligation to comply with all applicable laws and regulations, including, but not limited to those of the European Union, Germany and the state of Brandenburg. For this reason we may have to collect, process and retain your details for an extended period of time as a legal obligation (Art 6(1)(c) GDPR).Information required to track your choices and consent regarding the processing (or use) of your Personal Data or reception of marketing materials is stored to ensure compliance with the GDPR. 

Security and international data transfers 
We use third party software across several countries, personal data may therefore be transferred to a country outside the EU/EEA. To protect your personal data, we enter into data protection agreements and maintain both technical and organisational safeguards around the processing of your data. The Standard Contractual Clauses we rely on can be provided on request by reaching out to

Why am I required to provide Personal Data?
As a general principle, providing personal information and granting consent for our use of this information is done entirely on a voluntary basis. Choosing not to consent or provide personal data is generally not detrimental. However, there are circumstances in which [name] cannot take action without specific data. This is the case, for instance, when data is required to process your order, fulfill a contact request, or provide you with access to a service or newsletter. 

Who your data is made accessible to BeamReach Inclusion hosts the majority of its services and systems itself on servers within the EU. We use a transactional email provider and a mailing list service, both located in the EU to deal with our mailing needs.In the case your personal details are visible on an incoming or outgoing invoice, they may also be transmitted to our tax advisor as well as to the financial authorities (German Finanzamt).

Your rights as a data subject
At any time, you can request from BeamReach Inclusion to receive information about which personal data BeamReach Inclusion processes about you. You can also request the correction or deletion of such personal data. Please note, however, that BeamReach Inclusion can delete your personal data only if there is no statutory obligation or prevailing obligation on BeamReach Inclusion to retain it. If BeamReach Inclusion uses your personal data based on consent or the performance of a contract, you may also request a copy of the personal data that you have provided to BeamReach Inclusion. To do so, please contact us at and specify the information or processing activities to which your request relates. Furthermore, you can request that we restrict your personal data from any further processing if:You are contesting the accuracy of the data we hold about your, for as long as we need to verify this claim. If you believe the processing of the data is unlawful, but you oppose the erasure of the data and request restriction of processing instead. If we no longer need your data for the original purpose, but you need them for the establishment, exercise or defense of legal claims.If you have objected to the use of your data, while we evaluate if our legitimate grounds for processing your data override yours, as required by Art 21 of the GDPR. Please direct any such request to

Your right to lodge a complaint
We encourage you to contact us at if you have any privacy related concern. Should you disapprove of the response we have provide you, you have the right to lodge a complaint with our supervisory authority, or with the data protection authority of the European member state you live or work in. The details of the supervisory authority responsible for Brandenburg, Germany, are:
Landesdatenschutzbeauftragten Brandenburg
Stahnsdorfer Damm 77
14532 Kleinmachnow
Phone: 033203/356-0
Fax: 033203/356-49

Use of this website by children
This website is not intended for anyone under the age of 16 years. If you are younger than 16, you may not register with or use this website.

Links to other websites
This website may contain links to external websites(i.e. non-BeamReach Inclusion companies and organisation. BeamReach Inclusion is not responsible for the privacy practices or the content of those websites. We therefore recommend that you familiarize yourself with privacy practices of these organizations by reading their privacy notices.

Changes to this Privacy Policy
We may modify this privacy policy at any time to comply with legal requirements as well as developments within our organization. When we do, we will revise the date and version at the top of this page. Each visit or interaction with our services will be subject to the new privacy policy. We encourage you to regularly review our privacy policy to stay informed about our data protection policy. Unless, we implement profound changes that we proactively notify you about, you acknowledge that it is your responsibility to review our privacy policy to be aware of modifications.

Used with permission deom